Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly.
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Dell Command Update 后置链接漏洞
Vulnerability Description
Dell Command Update是美国戴尔(Dell)公司的一款用于在Dell产品中自动更新驱动程序、BIOS和固件的工具。 Dell Command Update 3.1之前版本中存在安全漏洞。本地攻击者可通过创建符号链接利用该漏洞删除任意文件。
CVSS Information
N/A
Vulnerability Type
N/A